#start find components
use version;
do "$mepath/core/compare.pl";
$btf=0;
@ffiles = ('WS_FTP.LOG','README.txt','readme.txt','README.md','readme.md','LICENSE.TXT','license.txt','LICENSE.txt','licence.txt','CHANGELOG.txt','changelog.txt','MANIFEST.xml','manifest.xml','error_log','error.log');

$ua->requests_redirectable(undef);

open(my $DB,"exploit/db/componentslist.txt");
while( my $row = <$DB>)  {
	chomp $row;

	$tmp="";
	$response=$ua->get("$target/components/$row/");
	my $headers  = $response->headers();
	my $content_type =$headers->content_type();
	if ($response->status_line =~ /200/g ) {
		$tmp.="Name: $row\nLocation : $target/components/$row/\n";

		$source=$response->decoded_content;
		if ($source =~ /<title>Index of/g or $source =~ /Last modified<\/a>/g) {
			$tmp.="Directory listing is enabled : $target/components/$row/\n";
		}
		$btf=1;

		#components/com_
		foreach $ffile(@ffiles){
			$response=$ua->get("$target/components/$row/$ffile");
			my $headers  = $response->headers();
			my $content_type =$headers->content_type();
			if ($response->status_line =~ /200/g ) {
				chomp $ffile;
				$tmp.="$ffile : $target/components/$row/$ffile\n";
					
			}
		}
		
		#Version finder
		$xm=$row;
		$xm=~ s/com_//g;

		$response=$ua->get("$target/components/$row/$xm.xml");
		my $headers  = $response->headers();
		$sourcer=$response->decoded_content;
		if ($response->status_line =~ /200/g ) {
			$sourcer =~ /type=\"component\" version=\"(.*?)\"/;
			my $comversion = $1;
			$tmp.="Installed version : $comversion\n";
			
				}
		
		open(my $FB,"exploit/db/comvul.txt");
		while( my $row = <$FB>)  {
			my @matches;
			while ($row =~/\[(.*?)\]/g) {
			push @matches, $1;
		}

					if ( @matches[1] eq $xm) {
							#compare install version vs fixed version
							 if($comversion =~ /\./ and @matches[6] =~ /\./){
							 $tmp.="$comversion\n";
								 $a=$comversion;
								 $b=@matches[6];
								 	if(!&version_compare("$a","$b") == 1) {

								 		$tmp.= "[!] We found vulnerable component\n";
									 }else{
										$tmp.="[!] We found the component \"com_$xm\", but since the component version was not available we cannot ensure that it's vulnerable, please test it yourself.\n";
									}
								  
							 }else{
								$tmp.="[!] We found the component \"com_$xm\", but since the component version was not available we cannot ensure that it's vulnerable, please test it yourself.\n";
							}
							
							$tmp.= "Title : ". @matches[0] . "\n" if @matches[0] !~ /-/;
							$tmp.=  "Exploit date : ". @matches[2]. "\n" if @matches[2] !~ /-/;
							$tmp.=  "Reference : http://www.cvedetails.com/cve/CVE-". @matches[3]. "\n" if @matches[3] !~ /-/ and @matches[3] !~ /\,/;
							if(index(@matches[3], ',') != -1){
								print 123;
								@pp=split(/\,/,@matches[3]);
								$tmtm="";
								foreach $tt(@pp){
									$tmtm.= "Reference : http://www.cvedetails.com/cve/CVE-$tt\n";
								}
								$tmp.= $tmtm;
							}
							$tmp.=  "Reference : https://www.exploit-db.com/exploits/". @matches[5]. "\n" if @matches[5] !~ /-/;
							$tmp.=  "Component : ". @matches[4]. "\n" if @matches[4] !~ /-/;
							$tmp.=  "Fixed in : ". @matches[6]. "\n" if @matches[6] !~ /-/;
							#$tmp.=  "Introduced in : ". @matches[7]. "\n" if @matches[7] !~ /-/;				 
					} 
		
			}
			close $FB;

		
		
		#admin/components/com_
		if($amtf==1){
			foreach $ffile(@ffiles){
				$response=$ua->get("$target/$adming/components/$row/$ffile");
				my $headers  = $response->headers();
				my $content_type =$headers->content_type();
				if ($response->status_line =~ /200/g ) {
					chomp $ffile;
					$tmp.="$ffile : $target/$adming/components/$row/$ffile\n";
						
				}
			}
		}
	}	
	if($tmp){
			dprint("Enumeration component ($row)");
			tprint($tmp);
		}	
}




if($btf==0){
	dprint("Enumeration component");
	fprint("components are not found");
}
#end find components
